I'm using Node.js and trying to mimic the functionality of the following openssl command to generate a public key:
$> openssl ecparam -name prime256v1 -genkey -noout -out keys
$> openssl ec -in keys -pubout -out pubkey
The closest I have is:
var ec = crypto.createECDH('prime256v1');
var pub = ec.generateKeys("base64");
But this key is far shorter and doesn't work. Any ideas how I could mimic the functionality exactly?
Related
I'm trying to create a Postman pre-request script that will hash the request. I am able to use a bash script to do this using this command
SIG=$(echo -n ${CONTENT} | openssl dgst -sha1 -hmac ${PRIVATE_KEY} -binary | openssl enc -base64)
So far I have been unable to replicate this using CryptoJs to do the same, does anyone know how this can be done?
This is what I have tried
CryptoJS.HmacSHA1(CONTENT, pm.environment.get(PRIVATE_KEY)).toString(CryptoJS.enc.Base64)
I use the following set of openssl commands to generate client certificate
# create key
openssl genrsa -out client.key -aes256 -passout pass:password 2048
# create client certificate request
openssl req -new -key client.key -out client.csr -subj '/C=UA/O=MyCompany/CN=MyName/emailAddress=test#example.com' -passin pass:password
# Sign client certificate request with intermediate CA private key
openssl x509 -req -in client.csr -CA interm_cert.pem -CAkey interm_key.pem -CAcreateserial -CAserial intermediateCA.srl -extensions usr_cert -extfile openssl.conf -out client.crt -days 3650 -sha256 -passin pass:password
# generate client pfx
openssl pkcs12 -export -out client.pfx -inkey client.key -in client.crt -certfile interm_cert.pem
# convert to pem
openssl pkcs12 -in client.pfx -out client.pem -nodes
Now, I need to replicate that using jsrsasign library. Yes, I can easily create key pair using KUTIL.generateKeypair and certificate signing request, but this is as mach as I could figure out so far, using the library reference
Any help is greatly appreciated
i try import my pem key to Google KMS(with hsm support). I have google guide how it create with openssl:
Wrap the key
Generate a temporary random AES key that is 32 bytes long.
openssl rand -out temp_aes_key.bin 32
Wrap the temporary AES key with the wrapping public key using CKM_RSA_PKCS_OAEP.
openssl rsautl -encrypt
-pubin -inkey wrap_pub_key.pub
-in temp_aes_key.bin
-out temp_aes_key_wrapped.bin
-oaep
Wrap the target key with the temporary AES key using CKM_AES_KEY_WRAP_PAD.
openssl enc -id-aes256-wrap-pad -K $( hexdump -v -e '/1
"%02x"' < "temp_aes_key.bin" ) -iv A65959A6 -in my_key.pem
-out target_key_wrapped.bin
Note the use of -iv A65959A6 sets A65959A6 as the Alternate Initial Value as required by the RFC 5649 specification.
I have wrap_pub_key.pub and my_key.pem, where wrap_pub_key.pub:
-----BEGIN PUBLIC KEY-----
...........key...........
-----END PUBLIC KEY-----
How to programm this steps in nodeJs with cryto lib(without openssl)?
I think you are following this guide I'm not familiar with NodeJs, however I found the next documentation that It could be helpful,
I found the github repo list of each language supported for the Cloud Platform services/APIs!
I think that you can start with this available examples
If you need more details you can use these references:
Google KMS Node.js io Samples
KMS Node.js Client Library
Finally I understand that when you import this kind of key you need to choose a key wrapping algorithms
I hope you find this information helpful
I want to encrypt text with RSA using Public.pem and private.pem
I generated these files with openssl
openssl genrsa -out private.pem 2048
openssl rsa -pubout -in private.pem -out public.pem
I need to encrypt the text in javascript (I use this Library) only for encryption.
This text in base64 is sent to the server in C#, I use RSACryptoServiceProvider, but I only saw that is possible load public key with:
RSAParameters RSAParams = RSA.ExportParameters(false);
RSAParams.Modulus = privateKey;
RSA.ImportParameters(RSAParams);
But I need use my own private.pem file to decrypt my text and use it after.
How can I make this?
I'm trying to get SSL https working on my nodejs server but the browser returns a ERR_SSL_PROTOCOL_ERROR
code:
var express = require('express');
var https = require('https');
var http = require('http');
var fs = require('fs');
var options = {
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem')
}
http.createServer(app).listen(80);
https.createServer(options, app).listen(443);
This will happen if your key isn't generated correctly.
A lot of places will tell you to do this:
openssl genrsa -out key.pem
That will not work if you're on a Mac, and instead you need to do this to make the key length 2048:
openssl genrsa -out key.pem 2048
In summary, do these steps to make a correct key on Mac:
openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out client.csr
openssl x509 -req -in client.csr -signkey key.pem -out cert.pem